Help secure your organization with new endpoint management, intelligent access controls
G Suite has always aimed to give IT admins simpler ways to manage access, control devices, ensure compliance and keep data secure. Today we are announcing new updates that provide even deeper control. Some of these features will be turned on by default for G Suite and Cloud Identity so that we can reduce the burden on IT admins while ensuring that the right protections are in place for your organization. And, even better, in most cases your users won’t have to do anything to benefit from these enhanced protections. Here’s the breakdown:
1. Control devices with fundamental desktop management
Securing devices is one of the best ways for businesses to help keep data safe. Now, with fundamental desktop management you can get more management controls over all desktop devices that access G Suite. This feature is automatically enabled for your desktop devices that access G Suite, which means employees don’t have to install agents or profiles on Mac, Windows, Chrome and Linux devices.
It also means admins get added security management controls, including the ability to:
See which devices access corporate data in a single dashboard
Remotely sign out users from desktop devices should the device become lost or stolen
Allow multiple user accounts to be managed on the same device, like frontline workers
More than 85 million 30 day active devices licensed through G Suite, Cloud Identity and Chrome Enterprise are managed by our endpoint management solution. Particularly within G Suite & Cloud Identity, multiple devices per user can be managed at no additional cost. The new desktop management features will be generally available for all G Suite and Cloud Identity customers. Learn more.
2. Implement dynamic access controls for G Suite
Based on the zero trust security model and Google’s BeyondCorp implementation, context-aware access enables you to provide secure access for your users. Today, context-aware access is generally available for G Suite Enterprise customers so they can:
Dynamically control access to G Suite apps based on a user’s identity and the context of their request, like device security status, IP address, etc.
Apply specific controls and policies to various organizational units (OU)
Apply policy based access controls to G Suite apps.
If you’re wondering what types of access controls can be enforced through context-aware access, here are some examples: 1.) only allowing users from a corporate-owned device and a corporate IP address to access your organization’s Google Drive, 2.) only allowing users from a “high trust” organizational unit to access Drive when not on a corporate IP address, or 3.) only allowing users with an encrypted device and a screen lock enabled to access Gmail. Learn more.
Many of our G Suite and Cloud Identity customers are already using context-aware access to protect their users, including Veolia, a large multinational water, waste, and energy management company. The company’s enterprise architect and cybersecurity officer, Pascal Dalla-Torre, notes: "With around 100,000 connected employees spread over 5 continents, it's critical that our employees have access securely to company resources from anywhere on their preferred devices. Google Cloud's context-aware access will enable us to achieve that while enforcing granular and fine-tuned access control policies to ensure that only the right people have access to company apps and infrastructure." Watch this video to learn more about how to use context-aware access.
3. Automate security with new rules in security center
The G Suite security center already helps you protect your organization with security analytics and best practice recommendations from Google. It provides a unified security dashboard, an investigation tool to identify, triage, and take action on security and privacy issues in your domain, and more. Starting today, admins can create automated rules to remediate issues or send notifications to the alert center.
This makes it possible for teams of admins and analysts to collaborate on security investigations instantly based on alerts, and makes it easier to assess and manage threats with automated actions and improved tracking—key steps to improve your organization’s security posture.
These updates to the security center will be rolling out over the next two weeks for organizations on G Suite Enterprise. Learn more.